From d248fcaf389ae5c763926955d7ba0cfa80fc002f Mon Sep 17 00:00:00 2001
From: Administrator <1101184511@qq.com>
Date: 星期四, 13 二月 2025 00:52:11 +0800
Subject: [PATCH] 区域封禁

---
 src/main/java/com/taoke/autopay/controller/WebApiController.java |  227 ++++++++++++++++++++++++++++++++++++++++++--------------
 1 files changed, 170 insertions(+), 57 deletions(-)

diff --git a/src/main/java/com/taoke/autopay/controller/WebApiController.java b/src/main/java/com/taoke/autopay/controller/WebApiController.java
index a01d79a..7b930dd 100644
--- a/src/main/java/com/taoke/autopay/controller/WebApiController.java
+++ b/src/main/java/com/taoke/autopay/controller/WebApiController.java
@@ -1,17 +1,19 @@
 package com.taoke.autopay.controller;
 
+import com.google.gson.Gson;
+import com.taoke.autopay.dto.DYOrderDto;
 import com.taoke.autopay.dto.WXAppInfoDto;
 import com.taoke.autopay.entity.KeyOrder;
 import com.taoke.autopay.entity.SystemConfigKeyEnum;
 import com.taoke.autopay.entity.WxUserInfo;
 import com.taoke.autopay.exception.KeyOrderException;
+import com.taoke.autopay.exception.KeyVerifyException;
 import com.taoke.autopay.exception.WxOrderCountException;
-import com.taoke.autopay.factory.OrderFactory;
 import com.taoke.autopay.service.KeyOrderService;
 import com.taoke.autopay.service.SystemConfigService;
-import com.taoke.autopay.service.WxUserOrderCountService;
 import com.taoke.autopay.service.WxUserService;
 import com.taoke.autopay.utils.*;
+import com.taoke.autopay.vo.SubmitKeyInfo;
 import net.sf.json.JSONObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -21,12 +23,11 @@
 import org.yeshi.utils.UrlUtils;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Date;
-import java.util.List;
+import java.util.*;
 
 @Controller
 @RequestMapping("webapi")
@@ -34,6 +35,8 @@
     Logger logger = LoggerFactory.getLogger(WebApiController.class);
 
     Logger wxLogger = LoggerFactory.getLogger("wxLogger");
+
+    Logger verifyLogger = LoggerFactory.getLogger("keyVerifyLogger");
 
 
     @Resource
@@ -45,41 +48,57 @@
     @Resource
     private SystemConfigService systemConfigService;
 
-    @ResponseBody
-    @RequestMapping(value = "submitKey")
-    public String submitKey(String key) {
-        if(1>0){
-            return JsonUtil.loadFalseResult(0, "鎺ュ彛宸插叧闂�");
-        }
-        if (StringUtil.isNullOrEmpty(key)) {
-            return JsonUtil.loadFalseResult(0, "璇蜂笂浼爇ey");
-        }
-        List<String> urllist = UrlUtils.parseUrlsFromText(key);
-        if (urllist.isEmpty() || !urllist.get(0).contains("ur.alipay.com")) {
-            return JsonUtil.loadFalseResult("鏀粯瀹濆彛浠や笉姝g‘");
-        }
-        try {
-            KeyOrder order = keyOrderService.addKeyOrder(key, null, TimeUtil.getGernalTime(System.currentTimeMillis(), "yyyyMMdd"));
-            Long uid = keyOrderService.getCanDistributeUid();
-            if (uid != null) {
-                KeyOrder orderUpdate = new KeyOrder();
-                orderUpdate.setId(order.getId());
-                orderUpdate.setDistributeClientUid(uid);
-                orderUpdate.setDistributeTime(new Date());
-                keyOrderService.update(orderUpdate);
-            }
-            return JsonUtil.loadTrueResult("");
-        } catch (KeyOrderException e) {
-            e.printStackTrace();
-            return JsonUtil.loadFalseResult(e.getMessage());
-        } catch (WxOrderCountException e) {
-            return JsonUtil.loadFalseResult("浠婃棩瓒呰繃鏈�澶ф彁浜ゆ鏁�");
-        }
-    }
 
-    private void addKey(String key, Long wxUid) throws KeyOrderException, WxOrderCountException {
-        KeyOrder order = keyOrderService.addKeyOrder(key, wxUid, TimeUtil.getGernalTime(System.currentTimeMillis(), "yyyyMMdd"));
-        Long uid = keyOrderService.getCanDistributeUid();
+    private void addKey(SubmitKeyInfo keyInfo, Long wxUid) throws KeyVerifyException, KeyOrderException, WxOrderCountException {
+
+        // 鏌ヨ娌℃湁澶勭悊鐨勬暟閲�
+        long notProcessCount = keyOrderService.countUserNotDoOrder(wxUid, new Date(System.currentTimeMillis() - 1000*60*30));
+        if(notProcessCount>0){
+            throw new WxOrderCountException("涓婁竴涓彛浠ゅ皻鏈鐞嗗畬锛�");
+        }
+
+        // 瑙f瀽閾炬帴
+        List<String> urllist = UrlUtils.parseUrlsFromText(keyInfo.getKey());
+        String verifyAlipayKey = systemConfigService.getValueCache(SystemConfigKeyEnum.ALIPAY_KEY_VERIFY);
+        DYOrderDto orderDto =null;
+        int orderType = Constant.ORDER_TYPE_UNKNOWN;
+        if (verifyAlipayKey != null && verifyAlipayKey.trim().equalsIgnoreCase("1")) {
+            try {
+                // 闇�瑕侀獙璇佹敮浠樺疂鍙d护
+                if (urllist.isEmpty()) {
+                    throw new Exception("鍙d护涓笉鍖呭惈閾炬帴");
+                }
+                AlipayOrderUtil.AlipayOrderTradeInfo tradeInfo = AlipayOrderUtil.getTradeInfo(urllist.get(0));
+                String orderStatus = "";
+                switch (tradeInfo.getStatus()) {
+                    case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_CANCELED:
+                        orderStatus = "璁㈠崟宸插彇娑�";
+                        break;
+                    case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_PAY:
+                        orderStatus = "璁㈠崟宸叉敮浠�";
+                        break;
+                    case AlipayOrderUtil.AlipayOrderTradeInfo.STATUS_NOT_PAY:
+                        orderStatus = "璁㈠崟鏈敮浠�";
+                        break;
+                }
+                if (tradeInfo == null) {
+                    throw new Exception("鍙d护鍐呭鑾峰彇澶辫触");
+                }
+                orderType = AlipayOrderUtil.getOrderType(tradeInfo.getGoodsTitle());
+                // 楠岃瘉鍐呭
+                orderDto = keyOrderService.verifyKey(tradeInfo.getGoodsTitle(), orderStatus, tradeInfo.getItemRealAmount(), wxUid, null);
+            } catch (KeyVerifyException ee) {
+                try {
+                    verifyLogger.warn("鏍¢獙涓嶉�氳繃锛氥�恵}銆�-{}", keyInfo.getKey(), ee.getMessage());
+                } catch (Exception e) {
+                }
+                throw ee;
+            } catch (Exception e) {
+                throw new KeyVerifyException(KeyVerifyException.CODE_COMMON, e.getMessage());
+            }
+        }
+        KeyOrder order = keyOrderService.addKeyOrder(keyInfo, wxUid, TimeUtil.getGernalTime(System.currentTimeMillis(), Constant.DB_DAY_FORMAT),orderType, orderDto);
+        Long uid = keyOrderService.getCanDistributeUid(Constant.MAX_PAY_ACCOUNT_QUEUE_SIZE);
         if (uid != null) {
             KeyOrder orderUpdate = new KeyOrder();
             orderUpdate.setId(order.getId());
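Review bot: In `addKey`, `tradeInfo` is dereferenced by `switch (tradeInfo.getStatus())` before the `if (tradeInfo == null)` check, so a failed lookup raises a NullPointerException that the generic `catch (Exception e)` rewraps with a null message instead of the intended error text; move the null check to the line directly after `AlipayOrderUtil.getTradeInfo(urllist.get(0))`. The URL handed to `getTradeInfo` comes straight from user-submitted text, and the only filter visible in this patch is the substring test `contains("ur.alipay.com")` in `verifySubmitKey`, which also matches that text in a path or query string; if `getTradeInfo` fetches the URL server-side (not visible here), parse it and compare the host exactly before the call. The empty `catch (Exception e) {}` around `verifyLogger.warn` should at least carry a comment saying why the failure is ignored. `addKey` continues past the end of this hunk.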
@@ -91,62 +110,151 @@
 
     }
 
-    @ResponseBody
-    @RequestMapping(value = "submitKeyV2")
-    public String submitKeyV2(String key, HttpSession session) {
-        WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
-        if (StringUtil.isNullOrEmpty(key)) {
-            return JsonUtil.loadFalseResult(0, "璇蜂笂浼爇ey");
-        }
+    private void verifySubmitKey(String key) throws Exception {
         List<String> urllist = UrlUtils.parseUrlsFromText(key);
         if (urllist.isEmpty() || !urllist.get(0).contains("ur.alipay.com")) {
+            throw new Exception("涓嶅寘鍚敮浠樺疂閾炬帴");
+        }
+        if (!key.contains("鏀粯瀹�")) {
+            throw new Exception("娌″寘鍚敮浠樺疂姹夊瓧");
+        }
+    }
+
+    private Map<String, IPUtil.IPInfo> ipInfoMap=new HashMap<>();
+    @ResponseBody
+    @RequestMapping(value = "submitKeyV4")
+    public String submitKeyV4(SubmitKeyInfo keyInfo, HttpSession session, HttpServletRequest request) {
+        String referer = request.getHeader("Referer");
+        keyInfo.setReferer(referer);
+        WxUserInfo user = (WxUserInfo) session.getAttribute(Constant.SESSION_KEY_USER);
+        if (StringUtil.isNullOrEmpty(keyInfo.getKey())) {
+            return JsonUtil.loadFalseResult("璇蜂笂浼爇ey");
+        }
+        String ip = IPUtil.getRemotIP(request);
+        keyInfo.setIp(ip);
+        if(!ipInfoMap.containsKey(ip)){
+            try {
+                IPUtil.IPInfo ipInfo =  IPUtil.getLocalIPInfo(ip);
+                ipInfoMap.put(ip, ipInfo);
+            } catch (Exception e) {
+                throw new RuntimeException(e);
+            }
+        }
+        keyInfo.setIpInfo(ipInfoMap.get(ip));
+
+        String citys =  systemConfigService.getValueCache(SystemConfigKeyEnum.FORBIDDEN_SUBMIT_CITYS);
+        if(citys!=null&&ipInfoMap.get(ip)!=null){
+           List<String> cityList = Arrays.asList(citys.split(","));
+           if(cityList.contains(ipInfoMap.get(ip).getCity())){
+               LogUtil.loggerDebug.warn("鍖哄煙灞忚斀锛歿}-{}", ip, new Gson().toJson(ipInfoMap.get(ip)));
+               return JsonUtil.loadFalseResult("鏆傛椂鏃犳硶涓婁紶鍙d护");
+           }
+        }
+
+        try {
+            verifySubmitKey(keyInfo.getKey());
+        } catch (Exception e) {
             return JsonUtil.loadFalseResult("鏀粯瀹濆彛浠や笉姝g‘");
+        }
+        // 楠岃瘉鎻愪氦鏃堕棿
+        String timeStr = systemConfigService.getValueCache(SystemConfigKeyEnum.KEY_SUBMIT_TIME_RANGE);
+        if (StringUtil.isNullOrEmpty(timeStr)) {
+            return JsonUtil.loadFalseResult("灏氭湭閰嶇疆鐢熸晥鏃堕棿");
+        }
+        String startTime = timeStr.split(",")[0].trim().replace(":", "");
+        String endTime = timeStr.split(",")[1].trim().replace(":", "");
+        String now = TimeUtil.getGernalTime(System.currentTimeMillis(), "HHmmss");
+        if (Integer.parseInt(now) < Integer.parseInt(startTime) || Integer.parseInt(now) > Integer.parseInt(endTime)) {
+            return JsonUtil.loadFalseResult(String.format("鍙d护鎻愪氦鏃堕棿娈典负锛�%s-%s", timeStr.split(",")[0], timeStr.split(",")[1]));
         }
 
         if (user == null) {
             // 鍏堜繚瀛楰EY
-//            SESSION_KEY_TEMP_ALIPAY_KEY
-            session.setAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY, key);
+            session.setAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY, keyInfo);
             wxLogger.info("寰俊娌℃湁鎺堟潈:" + session.getId());
             String redictLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_REDIRECT_LINK);
             if (StringUtil.isNullOrEmpty(redictLink)) {
                 return JsonUtil.loadFalseResult("鏃犳硶鑾峰彇鍒版巿鏉冮摼鎺�");
             }
+
+            redictLink = redictLink.replace("snsapi_base", "snsapi_userinfo");
             // 娌℃湁鐧诲綍锛岃繑鍥炵櫥褰曢摼鎺�
             JSONObject root = new JSONObject();
             root.put("link", redictLink);
             return JsonUtil.loadTrueResult(Constant.RESULT_CODE_NEED_LOGIN, root);
         }
         wxLogger.info("寰俊鏈夋巿鏉�:" + session.getId());
-
+        LogUtil.loggerDebug.warn("GEO淇℃伅锛歿}-{}-{}", user.getId(),ip, new Gson().toJson(ipInfoMap.get(ip)));
         try {
-            addKey(key, user.getId());
+            addKey(keyInfo, user.getId());
             return JsonUtil.loadTrueResult("");
         } catch (KeyOrderException e) {
             e.printStackTrace();
             return JsonUtil.loadFalseResult(e.getMessage());
         } catch (WxOrderCountException e) {
             return JsonUtil.loadFalseResult(e.getMessage());
+        } catch (KeyVerifyException e) {
+            LogUtil.loggerDebug.debug("鍙d护鏍¢獙澶辫触锛歿}-{}-{}", keyInfo.getKey(), e.getCode(), e.getMessage());
+            switch (e.getCode()) {
+                case KeyVerifyException.CODE_KEY_MONEY_NOT_MATCH:
+                    return JsonUtil.loadFalseResult("璇ョ瑪璁㈠崟鏈夎锛屼笉浜堟彁浜�");
+                case KeyVerifyException.CODE_ORDER_MONEY_NOT_MATCH:
+                    return JsonUtil.loadFalseResult("鎻愪氦閲戦涓嶅尮閰�");
+                case KeyVerifyException.CODE_ORDER_NO_REPEAT:
+                    return JsonUtil.loadFalseResult("閲嶅鎻愪氦璁㈠崟");
+            }
+            return JsonUtil.loadFalseResult(e.getMessage());
         }
     }
 
+
     @RequestMapping(value = "wxLogin")
-    public void wxLogin(String code, String state, HttpServletResponse response, HttpSession session) throws IOException {
+    public void wxLogin(String code, String state, HttpServletRequest request, HttpServletResponse response, HttpSession session) throws IOException {
         // 鏍规嵁code鑾峰彇openid
-        wxLogger.info("寰俊鎺堟潈鍥炶皟锛歿} code-{}", session.getId(), code);
+        SubmitKeyInfo alipayKeyInfo = (SubmitKeyInfo) session.getAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY);
+        wxLogger.info("寰俊鎺堟潈鍥炶皟锛歿} code-{} referer-{}", session.getId(), code, alipayKeyInfo.getReferer());
         String failLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_LOGIN_FAIL_LINK);
+        String referer = alipayKeyInfo.getReferer();
+
         try {
             WXAppInfoDto wxApp = systemConfigService.getWxAppInfoCache();
             String successLink = systemConfigService.getValueCache(SystemConfigKeyEnum.WX_LOGIN_SUCCESS_LINK);
+            if (!StringUtil.isNullOrEmpty(referer)) {
+                Map<String, String> params = HttpUtil.getPramsFromUrl(referer);
+                params.put("state", "SUCCESS");
+                successLink = HttpUtil.getWholeUrl(HttpUtil.getUrlWithoutParams(referer), params);
+            }
+
             WxApiUtil.WXAccessTokenInfo tokenInfo = WxApiUtil.getAcessTokenInfo(code, wxApp);
             if (tokenInfo != null && !StringUtil.isNullOrEmpty(tokenInfo.getOpenid())) {
-                WxUserInfo user = wxUserService.login(tokenInfo.getOpenid());
+                WxApiUtil.WXUserInfo wxUserInfo = null;
+                if (tokenInfo.getScope() != null && tokenInfo.getScope().contains("snsapi_userinfo")) {
+                    try {
+                        wxUserInfo = WxApiUtil.getUserInfo(tokenInfo.getAccess_token(), tokenInfo.getOpenid());
+                        wxLogger.info("瑙f瀽缁撴灉", new Gson().toJson(wxUserInfo));
+                    } catch (Exception e) {
+                        wxLogger.error("瑙f瀽鍑洪敊", e);
+                    }
+                }
+                if (wxUserInfo == null) {
+                    wxUserInfo = new WxApiUtil.WXUserInfo();
+                    wxUserInfo.setOpenid(tokenInfo.getOpenid());
+                }
+                WxUserInfo user = wxUserService.login(wxUserInfo);
                 session.setAttribute(Constant.SESSION_KEY_USER, user);
                 wxLogger.info("寰俊淇濆瓨鐢ㄦ埛淇℃伅锛歿} id-{}", session.getId(), user.getId());
-                String alipayKey = (String) session.getAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY);
-                wxLogger.info("浠巗ession璇诲彇鍒発ey锛歿}", alipayKey);
-                if (alipayKey != null) {
-                    addKey(alipayKey, user.getId());
+
+                wxLogger.info("浠巗ession璇诲彇鍒発ey锛歿}", alipayKeyInfo);
+                if (alipayKeyInfo != null) {
+                    if(!ipInfoMap.containsKey(alipayKeyInfo.getIp())){
+                        try {
+                            IPUtil.IPInfo ipInfo =  IPUtil.getLocalIPInfo(alipayKeyInfo.getIp());
+                            ipInfoMap.put(alipayKeyInfo.getIp(), ipInfo);
+                        } catch (Exception e) {
+                            throw new RuntimeException(e);
+                        }
+                    }
+                    addKey(alipayKeyInfo, user.getId());
                 }
                 response.sendRedirect(successLink);
                 return;
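Review bot: `wxLogin` redirects to a URL rebuilt from the `Referer` header that `submitKeyV4` stored in the session, and that header is client-controlled, so the login callback can end in a redirect to an arbitrary site; accept the stored referer only when its host matches a trusted one (the sketch below reuses the host of the configured success link, which assumes the submitting pages are served from that host). The same method calls `alipayKeyInfo.getReferer()` twice before the later `if (alipayKeyInfo != null)` check, so a callback that arrives without a pending key in the session fails with a NullPointerException outside the `try`. The `catch` block in the following hunk builds `failLink` from the same referer and needs the same guard. Separately, `ipInfoMap` is a plain `HashMap` on a shared controller that gains one entry per distinct client IP with no eviction or synchronization, and a failed lookup is rethrown as `RuntimeException`, which turns a geo-lookup error into an unhandled server error for the submitter.

```java
SubmitKeyInfo alipayKeyInfo = (SubmitKeyInfo) session.getAttribute(Constant.SESSION_KEY_TEMP_ALIPAY_KEY);
// The callback can arrive with no pending key in the session; do not dereference blindly.
String referer = alipayKeyInfo == null ? null : alipayKeyInfo.getReferer();
// … unchanged: callback log line (pass `referer` instead of alipayKeyInfo.getReferer()), failLink lookup …
try {
    // … unchanged: wxApp and successLink lookup …
    // Referer is a client-supplied header: only redirect back to it when it stays on the trusted host.
    if (!StringUtil.isNullOrEmpty(referer) && hasSameHost(referer, successLink)) {
        // … unchanged: rebuild successLink from referer with state=SUCCESS …
    }
    // … unchanged: token exchange, login, addKey, redirect …

private static boolean hasSameHost(String candidate, String trusted) {
    try {
        String host = java.net.URI.create(candidate).getHost();
        return host != null && host.equalsIgnoreCase(java.net.URI.create(trusted).getHost());
    } catch (IllegalArgumentException | NullPointerException e) {
        // Unparseable or missing URL: treat as untrusted.
        return false;
    }
}
```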
@@ -154,6 +262,11 @@
         } catch (Exception e) {
             e.printStackTrace();
             wxLogger.error("鎺堟潈澶辫触锛歿}", e.getMessage());
+            if (!StringUtil.isNullOrEmpty(referer)) {
+                Map<String, String> params = HttpUtil.getPramsFromUrl(referer);
+                params.put("state", "FAIL");
+                failLink = HttpUtil.getWholeUrl(HttpUtil.getUrlWithoutParams(referer), params);
+            }
         }
         response.sendRedirect(failLink);
     }

--
Gitblit v1.8.0